130 likes | 288 Vues
ATIS Cybersecurity. Art Reilly, Cisco. Global Standards Collaboration (GSC) GSC-15. Highlight of Current Activities (1). ATIS’ Packet Technologies and Systems Committee (PTSC) Completed: UNI and NNI signalling security standards UNI and NNI testing standards
E N D
ATIS Cybersecurity Art Reilly, Cisco Global Standards Collaboration (GSC) GSC-15
Highlight of Current Activities (1) ATIS’ Packet Technologies and Systems Committee (PTSC) • Completed: • UNI and NNI signalling security standards • UNI and NNI testing standards • NGN authentication requirements • Session Border Controller (SBC) requirements • Security architecture is layered, both horizontally and vertically, with border element functions protecting trusted from untrusted domains
Highlight of Current Activities (2) • PTSC continues to focus on security-related topics that will ensure robust signalling and communications standards and network implementations that will provide adequate protection and support for multimedia and emergency services in the current cybersecurity environment: • ETS Authentication • Data Border Function Requirements • Security Mechanisms • Location • Identity Management • Certificate Management
Highlight of Current Activities (3) • PTSC’s focus is on specifying security considerations for Layers 1 through 5 for UNIs, NNIs, ANIs, and SNIs • Generation of interface requirements will: • Attempt to reduce number of available interconnection options, without compromising the desired flexibility in implementing the services, thereby facilitating interoperability • Facilitate interconnection negotiations • Ensure adequate security will be provided
Highlight of Current Activities (4) ATIS’ Network Performance, Reliability, and QoS Committee (PRQC) • Current/Future work: • Currently working on Standard for Media Plane Performance Security Impairments Standard for Evolving VoIP/Multimedia Networks • Document potential QoS degradations associated with security mechanisms • Identify potential security problems associated with QoS mechanisms • Extend work initiated in ATIS-0100014, Information & Communications Security for NGN Converged Services IP Networks and Infrastructure • Published: • ATIS-0100024.2009, User-Network Interface (UNI) Media Plane Security Standard for Evolving VoIP/Multimedia Networks, published. • ATIS-0100014 (see above)
Highlight of Current Activities (5) ATIS’ Telecom Management and Operations Committee (TMOC) • TMOC will continue to address • Management aspects of security, especially concerning NGN Carrier Interconnection arrangements and VoIP Registry Database • Management aspects of security, as driven by the ATIS Board (e.g., TOPS Council or CIO Council)
Strategic Direction • ATIS continues to develop a suite of security authentication and IdM standards that will facilitate secure interconnection of: • transport facilities • signalling facilities • services and applications • Cloud computing may pose significant security issues that will need to be addressed
Challenges SIP security solutions are tailored to be end to end SIP/SIPPING/SIMPLE/etc. RFCs have well written security sections that are not fully implemented in vendor products Security solutions have an impact on delay and performance
Next Steps/Actions ATIS will continue on its current path of generating a complete suite of standards that can be used to facilitate interconnection negotiations and result in interconnection scenarios that are secure
Proposed Resolution • Continued support for GSC-14 Security Related Resolutions: • Resolution GSC-14/4 - Identity Management • Resolution GSC-14/25 - Personally Identifiable Information Protection • Update Resolution GSC-14/11 - Cybersecurity to reflect actions at WTDC10 (modified draft Resolution provided as a GSC contribution)
Supplemental Slides • PTSC Issues may be found at: http://www.atis.org/0191/issues.asp • PTSC Active Issues which have a security component are: Issue # Title • S0051 ATIS NGN Identity Management Requirements • S0055 Security Mechanisms • S0059 ATIS NGN Identity Management Use Cases • S0060 ATIS NGN Identity Management Mechanisms • S0061 Certificate Management • S0063 ATIS ETS Authentication • S0065 Enterprise Network Support in NGN • S0073 Security Guidelines for DBF Interface • S0074 Security Guidelines for Carrier Interconnection (NNI)
Supplemental Slides • PRQC Issues may be found at: http://www.atis.org/0010/issues.asp • PRQC Active Issues which have a security component are: Issue # Title • A0010 User Plane Security Requirements in NGNs • A0014 Network-Network Interface (NNI) User Plane Security • A0035 Impact of Security on QOS Performance in NGNs • A0045 Service-specific Security Mechanism Implementation Options